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DETAILED ACTION 

1 . This action is responsive to communication dated 8/8/2006. Claims 1 to 37 are 
pending in the case. Claims 2 and 22 are cancelled. 

Information Disclosure Statement 

2. Information Disclosure Statement submitted by the applicant on 7/27/2006 has 
been considered. See attached form 1449. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in 
the United States before the invention thereof by the applicant for patent, or on an international 
application by another who has fulfilled the requirements of paragraphs (1), (2), and (4) of section 
371(c) of this title before the invention thereof by the applicant for patent. 

4. Claims 1 to 37 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Cordery (US Patent No. 6,466,921, filed 6/12.1998). 
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4.1 . As per claims 1 and 22, Cordery is directed to a system and method for providing 
public key infrastructure security in a wide area computer network (Fig. 1 and abstract), 
comprising: a user terminal (Fig. 1, item 20 and associated text) coupled to the 
computer network (Fig. 1) including a client system (Fig. 1 item 20); a private key, and a 
public key assigned to a user for authenticating a use transaction data record assigned 
to the user (col. 8 lines 17-24, where the Function Server verifies the signature of the 
meter record, and therefore authenticating the meter (transaction data) record) when 
the user registers with the system using the user terminal (col. 6, line 49 to 56, note that 
Fig. 1 item 38 and associated text shows how keys are generated. Also note that col. 10 
line 20-27 suggests use of public and private keys as an alternative); a database remote 
from the user terminal for securely storing the private key and the public key in the user 
transaction data record assigned to the user (Fig. 1, item 36 and associated text. Note 
that per col. 6, line 36-44, all keys related to users and their accounts are stored in the 
database); and a cryptographic device remote from the user terminal and coupled to the 
computer network (column 7 lines 7 to 17, and "boxes" as shown in Fig. 1 and 
associated text) for signing the data in the user transaction data record assigned to the 
user utilizing the stored private key in the database (col. 8, lines 25-29), wherein the 
private key assigned to the user is not stored in the client system (column 6 line 36-44). 

4.2. Claim 2 is cancelled. 

4.3. As per claim 3, Cordery is directed the system of claim 1 , wherein the private key 



Application/Control Number: 10/083,236 
Art Unit: 2132 



Page 4 



is encrypted when it is stored in the database (column 8 lines 29 to 30). 

4.4. As per claim 4, Cordery is directed the system of claim 2, wherein a respective 
security device transaction data related to the user is loaded into a cryptographic device 
when the user requests a service (col. 8 lines 8-28). 

4.5. As per claims 5-1 0, Cordery is directed the system of claim 1 , wherein the 
cryptographic device is configured to authenticate the identity of the user and verify that 
the identified user is authorized to assume a role and perform a corresponding 
operation (Fig. 2, item 62 and associated text describes a mailer (user) database, that 
stores related information to the user. Col. 8, lines 14-18, describes user authentication. 
It is the general purpose of user authentication to determine user access rights and 
roles to allow the user to perform the activities corresponding to their role) 

4.6. As per claim 1 1 ,. Cordery is directed the system of claim 5, wherein the 
cryptographic device includes a computer executable code for supporting multiple 
concurrent users and maintaining a separation of roles and operations performed by 
each user (column 6, line 14-27, indicates multiple mailers (users) can connect to the 
system in the real-time). 

4.7. As per claim 12, Cordery is directed the system of claim 5, wherein the 
cryptographic device stores information about a number of last transactions in a 
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respective internal register (disclosed by column 8 lines 19 to 25, where the data record 
freshness is verified). 

4.8. As per claim 13, Cordery is directed the system of claim 12, wherein the 
database stores a table including the respective information about a last transaction a 
verification module to compare the information saved in the device with the information 
saved in the database (column 8 line 19 to line 25, also see col. 7, lines 27-50). 

4.9. As per claim 14, Cordery is directed the system of claim 1 .further comprising a 
digital certificate stored in the database and assigned to a user when the user registers 
with the system (column 6 line 1-5, describes sending the indicium to the user with a 
token (digital certificate)). 

4.10. As per claim 15, Cordery is directed the system of claim 1 , wherein the 
cryptographic device is configured for digitally' signing a certificate (see response to 
claim 14). 

4.11. As per claim 16, Cordery is directed the system of claim 1, wherein the 
cryptographic device is configured for encrypting data (see response to claim 1). 

4.12. As per claim 17, Cordery is directed the system of claim 1 , wherein the 
cryptographic device is configured for decrypting data (see response to claim 1). 
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4.13. As per claim 18, Cordery is directed the system of claim 1 , wherein the database 
includes a user profile for the user (column 6 line 49 to 56). 

4.14. As per claim 19, Cordery is directed to the system of claim 18, wherein the user 
profile includes username, password, account expiration, user role, logon failure count, 
logon failure limit, logon time-out limit, password expiration, and password period 
(column 6 lines 49-56). 

4.15. As per claim 20, Cordery is directed to system of claim 5, wherein the 
cryptographic device is capable of performing one or more of DES (clearly disclosed in 
column 8 line 42 to 60), Rivest, Shamir and Adleman (RSA) public key encryption, 
Triple-DES, DSA signature, SHA-1, and Pseudo-random number generation algorithms 
(which are comparable encryption algorithms to DES and an apparent choices to a 
person skilled in the art to use as alternative methods of encryption). 

4.21 . As per claim 21 , Cordery is directed to system of claim 5, wherein the 
cryptographic device stores information about a number of last transactions in an 
internal register and compares the information saved in the register with the information 
saved in a memory before loading a new transaction data (as mentioned in response to 
claim 12, record freshness is checked before the transaction is allowed). 
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4.22. Limitations of claims 22-37 are substantially the same as limitations of claims 1- 
22 above. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Farid Homayounmehr whose telephone number is 571 
272 3739. The examiner can normally be reached on 9 hrs Mon-Fri, off Monday 
biweekly. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571) 272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 

Farid Homayounmehr 
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